Lafayette Hospital Reveals They Were Victims of a Data Breach by Unknown Third Party
A Lafayette hospital is notifying patients that they have been victims of a data breach.
According to a press release from Lafayette Surgical Specialty Hospital, a vendor that provides care management software to their business was the victim of a "data theft from an unknown third party.
LSSH says the breach happened at some point between 2020 and 2021 and the computer servers at MCG Health, LLC were compromised. The information accessed during the breach includes patients' names, addresses, dates of birth, medical records, and more.
The Hospital uses the software services obtained from MCG to establish clinical care
guidelines for its patients and to support clinical decision making. The protected health
information accessed may have included the individual’s name, address, date of birth,
patient identification number, name and address of the facility that provided health
services, the name of the patient’s health care provider, the individual’s medical record
number and internal clinical notes. MCG has begun notifying affected patients in writing
with additional information and resources. MCG will provide free credit monitoring and
identify theft detection and prevention services at no cost to all affected individuals at
the contact information provided in this release.
The incident is currently under investigation by law enforcement and patients are being offered free credit monitoring as well as identify theft detection and prevention services at no cost to all affected individuals.
In addition to reaching out to patients who may have been compromised by the breach, Lafayette Surgical Specialty Hospital has also reached out to the Department of Health and Human Services Office for Civil Rights and other regulatory authorities as required by federal and state breach notification laws.
Anyone looking to access any of the offered services can contact the number on the above release.